[英]Access-Control-Allow-Origin Mystery
I'm having trouble making a CORS request in Chrome (Version 32.0.1700.77).我在 Chrome(版本 32.0.1700.77)中发出 CORS 请求时遇到问题。 I'm positive that the correct preflight headers are being sent and that they're also being sent during the primary request.
我肯定正在发送正确的预检标头,并且它们也在主要请求期间发送。 I should add that I'm using jQuery $.ajax with the contentType parameter set to "application/json".
我应该补充一点,我正在使用 jQuery $.ajax 并将 contentType 参数设置为“application/json”。 The existence of the contentType argument seems to be triggering the problem (since things work fine without it).
contentType 参数的存在似乎引发了问题(因为没有它一切都很好)。
Here's the output from the OPTIONS request.这是 OPTIONS 请求的输出。
HTTP/1.1 200 OK
X-Powered-By: Express
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Authorization, Content-Type, X-Requested-With
Access-Control-Allow-Methods: GET, POST, PUT, DELETE
Content-Type: text/plain
Content-Length: 2
Date: Fri, 17 Jan 2014 04:58:43 GMT
Connection: keep-alive
And here's the output from the primary POST request (401 is expected):这是主 POST 请求的输出(预期为 401):
HTTP/1.1 401 Unauthorized
X-Powered-By: Express
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Authorization, Content-Type, X-Requested-With
Access-Control-Allow-Methods: GET, POST, PUT, DELETE
Content-Type: application/json; charset=utf-8
Content-Length: 36
Date: Fri, 17 Jan 2014 05:00:05 GMT
Connection: keep-alive
The problem is that Chrome doesn't recognize the Access-Control-Allow-Origin response header for some reason and displays the below line in the error console:问题是 Chrome 由于某种原因无法识别 Access-Control-Allow-Origin 响应标头,并在错误控制台中显示以下行:
XMLHttpRequest cannot load http://site1.dev:3000/api/v1/pathways .
XMLHttpRequest 无法加载http://site1.dev:3000/api/v1/pathways 。 No 'Access-Control-Allow-Origin' header is present on the requested resource.
请求的资源上不存在“Access-Control-Allow-Origin”标头。 Origin ' http://site2.dev:8000 ' is therefore not allowed access.
因此不允许访问源 ' http://site2.dev:8000 '。
Any ideas?有任何想法吗?
Turns out Chrome wasn't reporting a 500 error from the API server.结果发现 Chrome 没有从 API 服务器报告 500 错误。 Doh!
哦!
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.